The unlikely 3 million electric toothbrush DDoS attack

February 7, 2024 at 12:25PM The widely reported story about 3 million electric toothbrushes being hacked with malware for DDoS attacks appears to be a hypothetical scenario rather than an actual attack. The dramatic story lacked verification and was likely misunderstood or taken out of context. It serves as a reminder to keep internet-exposed devices …

Unveiling Atlassian Confluence Vulnerability CVE-2023-22527: Understanding and Mitigating Remote Code Execution Risks

February 7, 2024 at 04:40AM The blog entry discusses the critical Atlassian Confluence vulnerability CVE-2023-22527, which facilitates remote code execution. Update to Confluence version 8.5.4 or 8.5.5 to address the flaw. The vulnerability’s technical breakdown, exploitation scenarios, and available security solutions are detailed, underscoring the urgency for patching and utilizing security measures. The meeting notes …

Critical JetBrains TeamCity On-Premises Flaw Exposes Servers to Takeover – Patch Now

February 7, 2024 at 04:02AM JetBrains warns of critical security flaw (CVE-2024-23917) in TeamCity On-Premises software, allowing unauthenticated attackers to gain administrative control. Users advised to update to version 2023.11.3 or use a security patch plugin. Vulnerability affects versions from 2017.1 to 2023.11.2. No known exploits, but caution urged due to past similar incidents. Key …

Twin Max-Severity Bugs Open Fortinet’s SIEM to Code Execution

February 6, 2024 at 03:09PM Two critical command injection vulnerabilities (CVE-2024-23108 and CVE-2024-23109) in Fortinet’s FortiSIEM product have provisional CVSS scores of 10. These flaws impact multiple versions of FortiSIEM, potentially allowing threat actors to execute unauthorized code. The link provided by Fortinet leads to a write-up on a prior vulnerability, hinting at a potential …

Beware: Fake Facebook Job Ads Spreading ‘Ov3r_Stealer’ to Steal Crypto and Credentials

February 6, 2024 at 10:10AM Threat actors are using fake Facebook job ads to distribute a new Windows-based stealer malware, Ov3r_Stealer, designed to steal credentials and crypto wallets. The campaign’s end goal remains unknown, but the stolen information may be sold to other threat actors or used to distribute additional payloads, including ransomware. This tactic …

How the SEC’s Rules on Cybersecurity Incident Disclosure Are Exploited

February 5, 2024 at 10:22AM Data security remains a top challenge for businesses, with a rise in vulnerabilities and cyberattacks. The SEC’s new rules for publicly traded companies aim to address this, but threat actors are finding ways to exploit them, as seen in a recent ransomware incident. Public companies must prioritize cybersecurity, have robust …

Clorox says cyberattack caused $49 million in expenses

February 3, 2024 at 04:40PM Clorox confirmed a cyberattack in September 2023, costing $49 million in expenses. The incident led to production disruption and decreased availability of products. The company incurred expenses for third-party consulting, IT recovery, forensic experts, and professional services to investigate and remediate the attack. Recovery efforts are ongoing, and Johnson Controls …

CISA Orders Ivanti VPN Appliances Disconnected: What to Do

February 1, 2024 at 05:15PM The United States Cybersecurity and Infrastructure Security Agency (CISA) has ordered Federal Civilian Executive Branch agencies to remove Ivanti appliances from federal networks within 48 hours. The directive is a response to multiple threat actors exploiting security flaws in the appliances. Agencies are required to disconnect and rebuild the appliances, …

CISA orders federal agencies to disconnect Ivanti VPN appliances by Saturday

February 1, 2024 at 08:52AM CISA has directed U.S. federal agencies to disconnect vulnerable Ivanti Connect Secure or Policy Secure VPN appliances due to exploited bugs. Ivanti is targeted in attacks using zero-day flaws, prompting the release of security patches and mitigation instructions. Agencies are required to follow a series of steps to bring the …

Chinese Hackers Exploiting VPN Flaws to Deploy KrustyLoader Malware

January 31, 2024 at 02:36AM Two zero-day flaws in Ivanti Connect Secure (ICS) VPN have been exploited to distribute the Rust-based KrustyLoader and the Sliver adversary simulation tool. Identified as CVE-2023-46805 and CVE-2024-21887, the flaws allow unauthenticated remote code execution with delayed patches. The vulnerabilities have been utilized by threat actors and other adversaries. Key …